Login Sign Up

CVE-2024-28084

7.5 HIGH
Denial of Service

📋 TL;DR

This vulnerability in iNet wireless daemon (IWD) allows attackers to cause denial of service through daemon crashes by exploiting initialization issues during parsing of advertised service information. It affects all systems running IWD versions through 2.15. The impact could potentially extend beyond DoS to unspecified other impacts.

💻 Affected Systems

Products:
  • iNet wireless daemon (IWD)
Versions: All versions through 2.15
Operating Systems: Linux distributions using IWD
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems where IWD is enabled and processing wireless service advertisements. Common in Linux distributions using IWD for wireless management.

📦 What is this software?

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Inet Wireless Daemon by Intel

View all CVEs affecting Inet Wireless Daemon →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete disruption of wireless connectivity services, potential remote code execution if combined with other vulnerabilities, and system instability requiring manual intervention.

🟠

Likely Case

Service disruption causing wireless connectivity loss, requiring daemon restart or system reboot to restore functionality.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring, limited to isolated wireless service interruption.

🌐 Internet-Facing: MEDIUM - Requires wireless network access but could be exploited by nearby attackers without authentication.
🏢 Internal Only: MEDIUM - Internal attackers with wireless network access could disrupt wireless services affecting multiple users.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending malformed service advertisements to the wireless interface. No authentication needed, making it accessible to nearby attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 2.15 (patched in git commits 52a47c9fd428904de611a90cbf8b223af879684d and d34b4e16e045142590ed7cb653e01ed0ae5362eb)

Vendor Advisory: https://git.kernel.org/pub/scm/network/wireless/iwd.git/

Restart Required: Yes

Instructions:

1. Update IWD package using your distribution's package manager. 2. For Fedora: 'sudo dnf update iwd'. 3. Restart IWD service: 'sudo systemctl restart iwd'. 4. Verify the service is running: 'sudo systemctl status iwd'.

🔧 Temporary Workarounds

Disable IWD temporarily

linux

Stop using IWD and switch to alternative wireless management until patched

sudo systemctl stop iwd
sudo systemctl disable iwd

Network isolation

all

Restrict wireless network access to trusted devices only

🧯 If You Can't Patch

  • Implement strict wireless network segmentation to limit attack surface
  • Monitor IWD service logs for crash events and implement automated restart scripts

🔍 How to Verify

Check if Vulnerable:

Check IWD version: 'iwd --version' or 'rpm -q iwd' or 'dpkg -l iwd'. If version is 2.15 or earlier, system is vulnerable.

Check Version:

iwd --version 2>/dev/null || rpm -q iwd 2>/dev/null || dpkg -l iwd 2>/dev/null | grep ^ii

Verify Fix Applied:

Verify version is newer than 2.15 and check git commit includes fixes 52a47c9fd428904de611a90cbf8b223af879684d or d34b4e16e045142590ed7cb653e01ed0ae5362eb.

📡 Detection & Monitoring

Log Indicators:

  • IWD daemon crash logs in systemd/journalctl
  • Segmentation fault errors in IWD logs
  • Unexpected service restarts

Network Indicators:

  • Unusual wireless service advertisement packets
  • Multiple connection drops on wireless interfaces

SIEM Query:

source="systemd" AND (process="iwd" AND (message="segmentation fault" OR message="crash" OR message="terminated"))

📊 Metadata

CVE ID: CVE-2024-28084
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-665
Published: March 3, 2024
Last Updated: November 4, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-28084, you might also want to check these:

CVE-2021-33635 9.8

CVE-2021-33635 is a critical vulnerability in iSulad container runtime where pulling malicious conta...

Same vulnerability type (CWE-665)
CVE-2022-0947 9.0

This vulnerability in ABB ARG600 Wireless Gateway series allows remote attackers to connect to seria...

Same vulnerability type (CWE-665)
CVE-2023-28737 8.8

This vulnerability in Intel Aptio V UEFI Firmware Integrator Tools allows authenticated local users ...

Same vulnerability type (CWE-665)